On 28/06/18 03:49, Gordon Hsiao wrote: > does it exist somewhere? Just notice this option in 3.5 but google does > not say any location I can fetch like the way a typical ca-bundle is. > IIRC, Yuri published the bundle they had accumulated a while back. The link seems not to be working now though. You can easily accumulate your own if you like. Simply by watching for reports about sites/services not working do to certificate verification errors. Check that it is missing an intermediate rather than other TLS/SSL errors. Manually download the missing intermediate cert and append it in PEM format to your bundle file. However, I recommend just upgrading to Squid-4. That version has many crypto related fixes that make life easier - including the ability to auto-download most of these missing intermediate certs. The directive may still be needed for some servers that do very weird things, but not nearly as many as Squid-3 needs attending to. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
